Josh More - Security Roles in Small Business

Certifications: CISSP, GIAC-GSLC Gold, GIAC-GCIH, RHCE, NCLP, ACE
web: http://www.starmind.org

Profile

➢ Fifteen years technical experience consisting of twelve years in security and ten years in operations.
➢ Expertise in assessing technology, business requirements and security threats.
➢ Experience presenting to people at all levels of technical skill and business responsibility.
➢ Detailed knowledge and experience with system analysis, architecture and operations.
➢ Dedication to continual self-driven improvement of professional skills.

Experience

November 2004 – present Alliance Technologies

Senior Security Consultant: Focus on Business Process and System/Network Security
➢ Performed technical assessments for companies of all sizes and industry verticals.
  • Conducted network, local and web-focused vulnerability scans.
  • Developed and implemented network segmentation to reduce scope of attacks.
  • Researched public data to detect data leaks and prepare for penetration tests.
  • Reviewed user permission levels to reduce privilege creep and identify orphans.
  • Wrote custom reporting system to save $25,000 yearly in licensing costs.
➢ Devised plans for both short-term emergency issue mitigation and long-term business strategy.
➢ Proactively monitored security events and responded or notified affected parties.
  • Reviewed patches and updates: Windows, Linux, Solaris and third party applications.
  • Reviewed threat and attack trends, developed mitigation and awareness strategies.
  • Drafted reports to a wide variety of audiences – technicians, sales people, customers, help desk
➢ Incident Response Lead – managed isolation, determination and correction of security incidents.
  • Average thefts from malware and identity theft commonly exceeded $500,000.
  • Developed response plans to the termination of internal employees.
  • Devised technical responses and communication strategies to data loss and defacement incidents.
  • Performed forensic analysis on corrupted and deliberately deleted data for lawsuits up to $20,000,000.
➢ Reviewed, analyzed and wrote security policies for companies of all sizes and industry verticals.
➢ Analyzed technologies, recommended vendors and built products to address specific threat vectors:
  • Disk and Data Encryption – protecting against physical theft and improper access
  • Intrusion Detection – protecting against bad network traffic, unusual traffic and access patterns
  • Anti-Malware – protecting against malicious software and providing deep network control
  • Perimeter Protection – controlling in- and out-bound traffic by port, protocol and destination
  • Email Control – preventing spam, allowing legitimate email and providing encryption
  • Web Filtering – limiting access to and monitoring of employee Internet usage
  • Web Application Firewall – providing protection to unmaintainable legacy web applications
  • Collaborative Documentation – enabling documentation of various systems and processes
  • Patch Management – maintaining OS and third party patch levels for workstations and servers
  • Training – identifying and addressing internal knowledge gaps that impact organization's security
➢ Consulted for compliance with PCI-DSS, HIPAA/HITECH, FDIC, SOX and the FTC Red Flag Rules.
➢ Consolidated legacy systems to modern and hardened systems using development/production mirroring.
  • Email, Web, Database, DNS, and DHCP servers – affecting most of the pre-existing infrastructure
  • Migrated to modern Linux systems, for improved reliability, flexibility and supportability
➢ Implemented network-wide monitoring system of all operational servers and network equipment.
➢ Streamlined secure internal operations: change requests, source control, license management.
➢ Performed highly complex data and contract analysis of multi-party code escrow dispute.
➢ Designed system to securely transfer large files between businesses in a user-friendly manner.
➢ Provided outsourced Information Security Officer duties for medium businesses and enterprises.
  • Determined long term strategies and managed projects to achieve security goals within budgets.
  • Handled incident exploration, containment and mitigation.
➢ Developed multi-layer protection for Linux-based Web and FTP hosting and Java application servers.
➢ Developed security awareness and pre-sales presentations for numerous audiences.
➢ Drafted strategy to guide the development of a new security division.

Sales Engineer: Focus on Needs Assessment, Report Writing and Presentation
➢ Developed sales presentations for state-wide tours raising awareness of security issues and solutions.
➢ Developed sales strategy and tools to identify solutions by business size and industry vertical.
➢ Developed marketing material for prospects and clients on each solution sold.
➢ Developed rapid assessment system for sales staff to use to uncover hidden opportunities.
➢ Analyzed public data breaches to create common stories for use in presentations and sales calls.
➢ Traveled with sales person to prospects to conduct pre-sales opportunity analysis.
➢ Developed rapid reporting template to be used when conducting pre-sales opportunity analysis.
➢ Engaged in Internet-based marketing: blogging, forums, mailing lists, Twitter, image creation
➢ Devised multi-year improvement plans and matched solutions to client budget cycles
➢ Managed partnerships with security vendors: Sophos, Astaro, Solutionary, Thawte, Google, TestudoData
➢ Managed partnerships with technical vendors: Microsoft, Novell, Syncsort
➢ Served as account- and project-manager to clients requiring ongoing security/infrastructure improvement.
➢ Attended business networking events, representing the company and seeking leads.
➢ Performed technical and business reviews preceding acquisitions.
➢ Identified buyer and assisted sale of unprofitable portion of our business.
➢ Served as technical lead in group of consultative business leaders, tying together numerous industries.
➢ Served as technical and security lead on RFP response teams for large companies and governments.
➢ Devised strategy for providing managed service for synchronizing mobile devices.

January 2008 – present SANS and GIAC

Question Author and Reviewer: GIAC certification exams based on SANS course material
➢ Wrote and reviewed for the GWEB certification, focusing on web-based security issues.

SANS Instructor (Mentor Level): Management 414 – CISSP Mentor Session
➢ Taught students the ten domains of Information Security to prepare them for the CISSP exam.
➢ Emphasized practical security concerns within their respective professional environments.
➢ Added additional teaching of test taking, studying and memorization techniques.

December 2005 – Present Pearson Educational, O'Reilly Press, Syngress

Technical Reviewer: Focus on Security and Applicability to the Market
➢ Reviewed numerous book proposals and recommended for or against publication

Technical Editor and Proofer: Focus on Security and Technical Accuracy
➢ Proofed Security+ Review Guide
➢ Edited Novell Cluster Services for Linux and NetWare
➢ Edited FreeBSD 6 Unleashed
➢ Edited X Power Tools
➢ Edited Linux in a Nutshell

May 1999 – November 2004 Clement Claibourne LC / Mail Services LC

Security Analyst
➢ Dramatically improved security through strong authentication and system standards.
➢ Ensured products' technical compliance with the Gramm-Leach-Bliley Privacy Act and HIPAA.
➢ Devised password, role, and data management policies for improved security and privacy.
➢ Determined firewall, VPN and routing rule sets for various clients' needs.
➢ Designed, implemented and administered Linux-based products and solutions, providing:
  • Secure authentication for varied user levels with seamless connection to third party systems.
  • Automatic synchronization to backup systems for redundancy and disaster recovery.
  • “Self Aware” systems to help automate security maintenance.
➢ Designed and oversaw development of multi-platform and multi-algorithm encryption system.
➢ Drafted policies for the secure handling of sensitive customer data.

Pre-sales Support
➢ Developed proof-of-concept systems for sales endeavors. Production systems built after close of sale.
➢ Developed traveling demonstration systems for sales people to use at trade shows.
➢ Accompanied Sales to demonstrate systems and answer technical questions.

Community Involvement

Security and Open Source Community Leadership:
➢ Head of Cyber division of Iowa Infragard: an FBI-vetted business/government collaboration.
  • Ran annual conference focused on security communication and education.
➢ Founded local Virtualization Users' Group and Des Moines Security Group.
➢ Hosted and ran meetings as President of the local Linux Users' Group.
➢ Attend local meetings as a security and technical community representative:
  • Agile Users Group, Iowa Bloggers, ISSA, Cyber Defense Competition at Iowa State University
➢ Consulted to the State of Iowa Department of Homeland Security Information Technology Group.
➢ Active on numerous international security-focused mailing lists and IRC channels.

Security and Open Source Community Presentations:
➢ 2011: Virtual Desktop Security – technologies and issues involved with the security of virtual desktops
➢ 2011: Senior Scams – issues impacting senior citizens and those that care for them
➢ 2011: Malware and Identity Theft – short-form presentation on big issues affecting businesses
➢ 2011: Sales – internal presentation educating sales staff on security strategy and prospecting
➢ 2010-2011: General – common security issues impacting businesses
➢ 2010-2011: Finance – financial malware impacting banks and credit unions
➢ 2010-2011: PCI – compliance issues for small businesses accepting credit cards
➢ 2010-2011: HIPAA – compliance issues for medical clinics, insurance agents and hospitals
➢ 2010-2011: Malware – financial malware impacting general business and non-profit groups
➢ 2010: Communication – network-level issues impacting telephone companies and data centers
➢ 2009: Disaster Recovery – technical issue overview for the Iowa Contingency Planners
➢ 2009: GroupWise 8 – features of the new email and calendaring system for an internal audience
➢ 2009: Web Application Security – general security issues for the Des Moines Web Geeks
➢ 2009: Virtualization Security – security issues surrounding virtualization for ISSA
➢ 2009: Linux Security – security issues specific to Linux for Infragard and CIALUG
➢ 2006-2009: MediaWiki – features and use cases for wikis as collaboration systems
➢ 2008: Security Policies – overview of security policy issues for ISACA
➢ 2008: OSX Security – overview of security on Apple computers for Des Moines Mac Users Group
➢ 2008: SQLi and XSS – overview of web-based attacks for the Iowa Ruby Users Group
➢ 2008: Information Warfare – review of public data attacks and defense for Iowa Infragard
➢ 2005-2008: Certification – recommendations for certification paths and testing tips
➢ 2007-2008: Web 2.0 – business uses of emerging web technologies
➢ 2007: Barcamp – ran sessions on Linux, monitoring, job searches and self-promotion
➢ 2006: Guest Lecture – lecture on Linux in business for the DMACC Linux Administration Class
➢ 2006: Technology for Entrepreneurs – using technology to grow startup businesses
➢ 2005: Linux in schools – how open source technology can improve education

Media Interviews:
➢ 2011: RFID security and credit cards
➢ 2010: Buena Vista University data loss incident
➢ 2008: Workplace Productivity

Nov. 1996 – May 1999 Grinnell College

Technical Support: User Consultant / Help Desk Technician
➢ Analyzed applications for network inclusion, with a focus on stability and security.
➢ Audited existing applications for adherence to security requirements.
➢ Secured Windows and Macintosh systems against unauthorized users and malicious applications.

May 1998 – Aug. 1998 University of Notre Dame

Academic Research: Intern in High Energy Physics
➢ Programmed system to aid high-energy particle analysis.
➢ Trained other interns in the use of the Unix operating systems.

Education and Certifications

➢ CISSP – Certified Information Systems Security Professional
➢ GIAC-GCIH – GIAC Certified Incident Handler
➢ GIAC-GSLC Gold – GIAC Security Leadership Certification, Gold Level, Paper available online
➢ RHCE – Red Hat Certified Engineer (expired)
➢ NCLP10 – Novell Certified Linux Professional 10
➢ ACE – Astaro Certified Expert
➢ February 2011 – Attended Sophos online training sessions to attain internal certification level
➢ January 2009 – Attended SANS 504 Hacker Techniques, Exploits and Incident Handling Class
➢ September 2008 – Attended Astaro Engineer Training, achieved Astaro Certified Engineer certification
➢ May 2008 – Attended Microsoft Licensing training
➢ January 2008 – Taught SANS 414 CISSP Prep Class
➢ December 2007 – Attended Compellent SAN Administration Class
➢ February 2007 – Attended SANS 512 Management class
➢ December 2005 – Attended N-Able Advanced Administration Class
➢ Bachelor's degree in Physics, conferred by Grinnell College
➢ High Energy Physics Internship, University of Notre Dame